Hackers Fail To Crack Brazilian Voting Machines

blueser writes "From Nov 10th to Nov 13th the Brazilian Government hosted a public hacking contest to test the robustness of its voting machines. 38 participants from private and public IT companies (including the Brazilian Federal Police) were divided into 9 teams, which tried several different approaches to try to tamper with the software installed on the machines, and even to physically interfere in other stages of the process. All attempts (aside from a minor one which would not compromise the overall results) failed, and observations from the participants and neutral observers will be taken into account to improve the process even further. Here is the official announcement for the contest (Google translation; Portuguese original). A summary of the results is available in the Brazilian press (original). Brazilian voting machines use Linux." US voting officials ought to be envious of their Brazilian counterparts, or ashamed, or both. Perhaps this MIT-developed cryptographic voting system offers a way forward.

Everyone raise your hand...

[Loopy]

...if you think the person who actually cracked it would admit it before cashing in.

for what it is worth...

[Sir_Lewk]

Cracking contests are warning sign number 9 on Bruce Schneier's list of security snake oil warnings. [schneier.com]

Warning Sign #9: Cracking contests.

I wrote about this at length last December: . For now, suffice it to say that cracking contests are no guarantee of security, and often mean that the designers don't understand what it means to show that a product is secure.

Re:Hmm...

[jhoegl]

The reason for Microsofts constant failure at security and bugs is that they outsource portions of the code still. Win ME was the first time they did that, look what happened. They still dont learn or care about it and outsource code. Look at recent GPL violations for current proof. That and they focus more on crap that has nothing to do with an Operating System.

What is the threat model?

[Beryllium Sphere(tm)]

Is this exercise realistic given the need to protect against well hidden back doors, tampering by election officials, and sloppy procedures (like letting a vendor install uncertified patches just before an election)? They tested only a narrow range of dangers.

The right way to do something like this is at design time.

They deserve credit, though, for doing things so much better than the US.

Paper vote inspection is sampled

[mangu]

You can simply look at all the steps in the design and see that you can observe what's going on.

How can you, personally, be sure that every vote in every ballot in the country was counted correctly? Paper votes are sensitive to "economic power" frauds. The party which can put more inspectors in the process is the one which controls the counting.

In Brazil there was a big affair in the 1982 Rio de Janeiro state governor elections, when the leftist candidate Brizola [wikipedia.org] denounced an attempt to subvert the vote counting, in what became known as the "Proconsult scandal" [google.com]. According to Brizola's party [pdt.org.br], this fraud attempt was performed with the collusion of the right-wing media organizations, which presented fake exit polls indicating a victory for the rightist candidate.

In any major election there are many people working together and one must inevitably trust a lot of people involved in the counting. No ordinary citizen has the resources to monitor an election by himself, the support of the party is needed.

In these days, any political party should have lots of people who know and understand computing technology. It's much easier and cheaper to let a trusted team of computer experts do a thorough audit on the software than to get a large team of scrutineers to watch every little detail where a paper ballot can be defrauded.
 

Re:Hmm...

[sslayer]

The voting system has been widely accepted, due in great part to the fact that it speeds up the vote count tremendously. In the 1989 presidential election between Fernando Collor de Mello and Luiz Inácio Lula da Silva, the vote count required nine days. In the 2002 general election, the count required less than 12 hours. In some smaller towns the election results are known minutes after the closing of the ballots.

I just don't get it. In Spain we know the results of the election with more than the 90% of votes counted at 21:00, while the election itself ends at 20:00. In an hour more or two, we got the 100% minus the postal votes. And of course our system is just the goold old ballot.

Re:Hmm...

[stevelinton]

Interesting. Sounds like you count at every polling place. Most countries don't do that. They gather the boxes up some smaller set of places (in the UK it's one per constituency) and count them all there. Obvious advantage -- much easier for parties and the press to scrutinise the count; obvious disadvantage -- it takes longer.

In the US they also have a curious attachment to having huge numbers of elections all at once and putting them all on the same piece of paper. I guess this probably is easier for the voters, at least in the sense of being less work, but it means that hand counting would be infernally complicated because the same ballot papers need to be counted in multiple different ways for everything from president of the USA to town dogcatcher.

Re:for what it is worth...

[Anonymous Coward]

Yeah. On other side, in a famous powerfull contry, To tamper a election you have to only cause problems and delays when couting the papers, so you can have a court to rule at your favor, at some famous state, at a re-election of an beloved guy.
So in this case you don't have to do a risky count.